Added dynamodb read and write capacity flags fixing #37

README.md

@@ -13,6 +13,8 @@ This command line utility automates the storage of encrypted secrets in [DynamoD
 1. Add and configure a KMS key in IAM with the alias `credstash`, ensure this is created in the correct region as the user interface for this is quite confusing.
 2. Run `unicreds setup` to create the dynamodb table in your region, ensure you have your credentials configured using the [awscli](https://aws.amazon.com/cli/).
 
+NOTE: It is really important to tune DynamoDB to your read and write requirements if your using unicreds with automation!
+
 # usage
 
 ```

cmd/unicreds/main.go

@@ -26,7 +26,9 @@ var (
 	encContext  = encryptionContext(app.Flag("enc-context", "Add a key value pair to the encryption context.").Short('E'))
 
 	// commands
-	cmdSetup = app.Command("setup", "Setup the dynamodb table used to store credentials.")
+	cmdSetup      = app.Command("setup", "Setup the dynamodb table used to store credentials.")
+	cmdSetupRead  = cmdSetup.Flag("read", "Dynamo read capacity.").Default("4").Int64()
+	cmdSetupWrite = cmdSetup.Flag("write", "Dynamo write capacity.").Default("4").Int64()
 
 	cmdGet     = app.Command("get", "Get a credential from the store.")
 	cmdGetName = cmdGet.Arg("credential", "The name of the credential to get.").Required().String()
@@ -73,7 +75,7 @@ func main() {
 
 	switch command {
 	case cmdSetup.FullCommand():
-		err := unicreds.Setup(dynamoTable)
+		err := unicreds.Setup(dynamoTable, cmdSetupRead, cmdSetupWrite)
 		if err != nil {
 			printFatalError(err)
 		}

ds.go

@@ -104,7 +104,7 @@ func (slice ByName) Less(i, j int) bool {
 }
 
 // Setup create the table which stores credentials
-func Setup(tableName *string) (err error) {
+func Setup(tableName *string, read *int64, write *int64) (err error) {
 	log.Debug("Running Setup")
 
 	_, err = dynamoSvc.CreateTable(&dynamodb.CreateTableInput{
@@ -129,8 +129,8 @@ func Setup(tableName *string) (err error) {
 			},
 		},
 		ProvisionedThroughput: &dynamodb.ProvisionedThroughput{
-			ReadCapacityUnits:  aws.Int64(1),
-			WriteCapacityUnits: aws.Int64(1),
+			ReadCapacityUnits:  read,
+			WriteCapacityUnits: write,
 		},
 		TableName: tableName,
 	})

ds_test.go

@@ -15,8 +15,10 @@ import (
 )
 
 var (
-	tableName   = "credential-store"
-	dsPlainText = []byte{
+	tableName     = "credential-store"
+	readCapacity  = int64(4)
+	writeCapacity = int64(4)
+	dsPlainText   = []byte{
 		0x6a, 0xcf, 0xeb, 0xd6, 0xe9, 0xa6, 0x19, 0xc1,
 		0x38, 0xb9, 0xfc, 0x2d, 0x53, 0x23, 0x4d, 0x78,
 		0x85, 0x48, 0x96, 0xd6, 0xd2, 0xf6, 0xf4, 0x42,
@@ -61,7 +63,7 @@ func TestSetup(t *testing.T) {
 	dsMock.On("DescribeTable",
 		mock.AnythingOfType("*dynamodb.DescribeTableInput")).Return(dto, nil)
 
-	err := Setup(&tableName)
+	err := Setup(&tableName, &readCapacity, &writeCapacity)
 
 	assert.Nil(t, err)
 }